We enable over 4,000 organizations across Europe to deliver exceptional business services, with a central focus on earning and maintaining your trust.
12/18/2023
Verified has conducted thorough investigations into the MongoDB security incident, which involved unauthorized access to specific MongoDB corporate systems reported on December 16, 2023. Verified is not exposed to this threat. We will actively monitor updates on the MongoDB investigation.
Incident summary
On December 16th, our third-party provider MongoDB disclosed an unauthorized access incident affecting their corporate systems. The incident exposed customer account metadata and contact information. Suspicious activity was detected on December 13th, and MongoDB promptly initiated their incident response process.
Source of information
Real-time alerts from MongoDB and www.mongodb.com/alerts
Action required
Verified customers remain unaffected by the reported vulnerability in MongoDB corporate systems.
Security is front of mind when designing our applications and business processes. The Verified’s Cloud security architecture is designed with consideration of a broad range of industry standards and frameworks and in tandem with our internal threat modeling process. It is designed to balance the need for flexibility with the need for effective controls to ensure confidentiality, integrity, and availability of our customers' data.
We run our security program in compliance with a range of well-known industry standards. We appreciate that these attestations matter, as they provide independent assurance to our customers that we are on the right track.
We also perform comprehensive security audits, which is done at least annually.
Outputs arising from these audit and certification programs, coupled with our internal process outputs, such as vulnerability management, are all fed into a continuous improvement cycle which helps us keep sharpening the overall security program.
As much as securing our products is a priority, we also understand the importance of being conscious of the way we conduct our internal day-to-day operations. The concept of “building security in” is the same philosophy we use with our internal processes and influences how our business is conducted.
One of our industry’s challenges is to ship secure products while maintaining a healthy speed to market. Our goal is to achieve the right balance between speed and security. There are a range of security controls we implement to keep our products and your data safe.
The users of Verified are running their most important business operations with the service. Hence it is integral that Verified offer the highest degree of reliability in combination with back-up plans for what happens when something stops working.
We believe all businesses have potential to do amazing things. Our mission is to unleash the potential in every business of every size and industry, and in turn, help advance these businesses through the power of software.
We know that your mission is as important to you as our mission is to us, and information is at the heart of all our businesses and lives. This is why customer trust is at the center of what we do and why security is our top priority. We’re transparent with our security program so you can feel informed and safe using our products and services.
The information on this page applies to Verified core services, Smart Flows and APIs unless otherwise noted.
We acknowledge that there is always margin for error. We are proactive in detecting security issues, which allows us to address identified gaps as soon as possible to minimize the damage.
Supporting your digital business transformation with cloud-based eIDAS compliant electronic signatures
Verified’s powerful workflows and electronic signature and authentication solutions allow your business to complete transactions, agreements and approvals faster all while being compliant with eIDAS standards. Verified is providing you with real-time signer certificates at the time of signing, reducing the need for in-house digital certificate management and hence reducing the operational management complexity your business might need to handle.
Hosting of our platform for our operational services storage ISO/IEC 27001:2013, SOCI-III, PCI DSS and more.
Org no: 516411-0669, Kungsgatan 49, 111 22 Stockholm, Sverige
Processing customers data
EU
Lookup services
974 760 673, Brønnøysundregistera, Postboks 900, 8910 Brønnøysund
Yes
EU
Use logdata for Observability, monitoring and security purposes. Read more: https://trust.datadoghq.com/.
Datadog, Inc. 620 8th Ave 45th Floor, New York, NY 10018 USA https://trust.datadoghq.com/
Yes
EU
Lookup services
Org no: 556341-5685, Rosenborgsgatan 4-6, Solna, Sweden
Yes, from Dec 27, 2023
EU
Signing, authentication
14080014, Telliskivi tn 60/1, Tallinn, Estonia, 10412
If customer uses the service
EU
Signing, authentication, lookup services with BankID SE
556630-4928, Södra Kungstornet; Kungsgatan 33; 111 56 Stockholm
If customer uses the service
EU
Storage of files that enables the customer to maintain the text and its translations to different languages that are used if the service “smart forms” is used.
ISO/IEC 27001:2013, SOC 2, CSA STAR and more: https://cloud.google.com/security IEno 6388047V, Gordon House, Barrow Street, Dublin 4
If customer uses the service
EU if customer select to use the service
Storage of process data generated and could be used during usage of some of our services as custom flows and AML.
ISO/IEC 27001:2013, SOC 2, PCI DSS and more: Number One Ballsbridge, Ballsbridge, Dublin 4, Ireland
EU if customer select to use the service
Signing, authentication, payments, lookup services
556630-4928, Södra Kungstornet; Kungsgatan 33; 111 56 Stockholm
If customer uses the service.
EU
Lookup services supporting AML and KYC compliance
559161-4275, Dansbanevägen, 16, 126 31 Hägersten, Sweden
If customer uses the service
EU
Operational services for contract management.
559364-3058
Skogsfrugränd 1, 16762 Bromma, Sweden
If customer select to use the service.
EU
Signing, authentication, payments, lookup services
Org no: 556586-4773, Kungsgatan 56, 111 22 Stockholm, Sweden
If customer select to use the service
EU
Offer eID (MitID Erhverv in Denmark)
c/o Nets Denmark A/S
Klausdalsbrovej 601
2750 Ballerup
If customer select to use the service
EU
Signing, authentication, payments, lookup services
918 713 867, Postboks 9236 Grønland, 0134 Oslo
If customer uses the service
EU
Tool for our customer support services and ticket application. Contains information provided by the customer and support staff about the service. ISO 27001:18, AICPA, SOCII etc. See: https://www.zendesk.com/product/zendesk-security/
EIN no: 26-4411091, SEC CIK #0001463172, 989 Market St, San Francisco, CA 94103
If customer uses the service
EU
Quick and easy
Touch ID, Email, SMS OTP
SMS OTP, Mail OTP, BankID Sweden, BankID Norway, FTN, MitID
BankID Norway
ISO 27001
International Organization for Standardisation
Certified ISO 27001 is specification for an information security management system (ISMS), which is a framework for an organization's information risk management processes.
BankID
BankID
Verified is a compliant partner and issuer of BankID in Norway and Sweden. Merchants get their certificates issued through Verified. Verified adheres to the current requirements of BankID to keep this status/position. BankID meets the banks’ own high standards for Internet banking security.